Slashdot Mirror

← Back to Stories (view on slashdot.org)

Blogger Hacked

Posted by michael on from the it-must-be-friday dept.

WCityMike writes "Blogger has been severely hacked into, with users' passwords and e-mail addresses being replaced with 'hacx0redbyme' or 'hax0redbyme.' Apparently, attempts to change your password or other information do not succeed due to a major database problem. Blogger currently has no official news: its main page simply apologizes for being down for repairs and its status blog has no information, probably suffering from the same accessing problem as other blogs. In the meantime, discussion, information, and advice is appearing on the weblogs of Anil Dash and Tom Coates, as well as this QuickTopic thread. Glad I use another journaling service." We usually try to avoid "Site X Hacked!" stories, but since this affects so many people - and, heh-heh, they don't have anywhere else to talk about it - here you go.

20 of 340 comments (clear)

  1. Re:A bit mean. by gowen · · Score: 5, Funny
    Blogs are what seperates us from the animals
    Thats true. You never see dogs boring each other witless with the irrelevant minutiae of their lives. Mind you, dog's can lick actually their own genitals, which is pretty much what blogging is a substitute for...
    --
    Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
  2. Blogger's troubles by spookysuicide · · Score: 5, Informative

    Blogger has been having a lot of troubles lately, if you can find your own web hosting, you may want to consider using the very easy to set-up movable type.

    --
    yes i run a goth/punk/emo porn site.
  3. Blogout. by b0r0din · · Score: 5, Funny

    Good thing I chose hax0redbyme as my original password. Ahh, the 1337 L1phs7y13.

  4. recommendation by flanker · · Score: 5, Informative

    Disable or reset the password of the account used to FTP your blog to your web server ASAP.

    --
    Left shift 1 for e-mail...
  5. I don't really get blogs... by Bonker · · Score: 5, Interesting

    Slashdot, for example, is a lot more of a news and current events site than it is Taco's personal weblog. k5 is more about essays and news. Occasionally, however, I'll stumble across a blog while looking for something else. If I don't know what it is at first, I tend to read it for a few seconds before going back.

    LiveJournal blogs are the worst, IMHO. People go on and on about events and parties with people that 99.99999% of their readers have never met. Once I realize I've stumbled across something like that, I leave it as soon as I can.

    Is it exhbitionism/vouyerism? If I read stories about a person's private life, I'd much rather they beging with a line like, "Dear Penthouse, I've always read the letters in your magazine but never thought that something like that could happen to me..."

    --
    The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
    1. Re:I don't really get blogs... by eclectric · · Score: 5, Insightful

      Well, personally, I don't care if any of my readers know who I'm talking about. I really use a weblog to keep track of my state at any given time. This lets me look back and say "oh, that's what I was thinking." I mean, I don't care if I'm the only person in the world who reads my weblog.

      Why put it on the web? Well, there are often times, on irc and in email, when I want to point someone to something I've written... plus, if anyone is visiting my website, then it's possibly they want to know more about me. If they don't, then fine. If they do, then the weblog is there.

  6. Blog = weblog by gosand · · Score: 5, Insightful
    FYI, the term blog comes from the term weblog. It got morphed into "we blog", and the term got overused quite a bit. So a blog is basically a journal.

    I have never used one, or intend to. For some unknown reason, it bacame popular to just ramble out your thoughts into an online journal. Whatever. I don't see why this made the news though...

    --

    My beliefs do not require that you agree with them.

  7. While Everyone by SomeOtherGuy · · Score: 5, Informative

    is looking for alternatives. b2 is a really good and powerful altewrnative. PHP, MySQl, and all the goodies.

    --
    (+1 Funny) only if I laugh out loud.
  8. Status Blog now has info by burgburgburg · · Score: 5, Informative
    As of 10:02 am, the status blog now reports:

    Blogger has suffered a security intrusion by a "haX0r." We have all the data that was changed backed up within a couple hours of the attack, so we can have things pretty much back to normal soon. Of course, we're assessing the situation as thoroughly as possible to make sure it doesn't happen again. Also, if you store your FTP login information in Blogger, it wouldn't hurt to change that on your server--though it is unlikely that information was accessed. Sorry for the inconvenience.

  9. one more pointless joke about blogs by L.+VeGas · · Score: 5, Funny

    Hacking a blogging site is like littering in a dump.

    --
    Best Windows Freeware
  10. Re:script kiddies are sickoes by bellings · · Score: 5, Funny

    They should be treated just like as if they burned down a building, but no, the law doesn't understand.

    They should be treated as if they burned down a building with cute little kitties living inside of it! Because, inside of every blogger there's a cute little kitty, just waiting for you to discover it.

    What these hackers have done is atrocious. It's far, far worse than petty graffiti or vandalism. They have trampled the hearts and emotions of sensitive bloggers everywhere. And for that, there can be no justice -- only bitter revenge.

    --
    Slashdot is jumping the shark. I'm just driving the boat.
  11. Re:Blogs, who need em? by The+Good+Reverend · · Score: 5, Insightful

    Web logs are amazingly convenient for people who don't have the skills to edit from the command line. Remember, most people on the internet aren't as savvy as you or I are, and to them, blogs are an easy and efficient means to updating their personal site. Don't put them down simply because they found a way onto the web without your skill level.

  12. Re:Good for them by The+Good+Reverend · · Score: 5, Insightful

    Oh, I'm sorry. Because someone uses a term you don't like, they deserve to be hacked? That's absurd. I'm sorry you have a personal problem with a certain combination of letters.

    It's not like "blog" was created by an ad agency, or by some company to sell it's product. It's a contraction of "Web Log", which is what these types of sites are. Don't like the word? Don't use it. But don't wish an attack on someone because you find time in your day to hate a contraction.

  13. For all those bashing "Blogs" by aengblom · · Score: 5, Insightful

    Blogs have achieved one of the most fantastic of things ever on the internet. They killed the personal web site! Anyone been asked to visit anyones "personal web page" recently? I think not!

    Personal web pages were 50 times worse than any blog. It's evolution--not revolution ;-).

    Anyway... My friend has a blog. It's is like the BBS I ran when I was 14. Some friends log in. We talk about intersting things (or not) publicly. Eventually when I did things right, a few extra people came along and we had some good conversations.

    --


    So close and yet so far from the world's perfect ID number
  14. oh thank goodness. by gabec · · Score: 5, Funny

    What I did today: Well my 'blog website is down today. I dunno why. Golly. Luckily enough I found another website (as you can see) where I could babble on and on about absolutely nothing. Felix, (my roommate's cat) is doing just fine, thank you for asking. Did you see the X-Files re-run last week? Oh dear, look at the time. Maybe the normal blog website is back up. *hope*hope*

  15. Re:Blogger runs windows..... by ChazeFroy · · Score: 5, Informative

    My money is that these guys got in with an application-level hack, not an OS/server hack. The biggest fault of applications, especially web applications, is a failure by the programmer to do input validation.

    Apache, perl, and php are vulnerable to the same type of hacks, it's not just Microsoft.

  16. Unless you have 28 years of once daily entries.. by Inoshiro · · Score: 5, Insightful

    MySQL is really overkill for your work. My changelog uses a Perl script which parses my entries into XHTML. It even nicely preserves my double-spaced end-of-sentences (I really crave that whitespace...). I'm starting to see some slugishness from ext3 because I'm over 1,000 entries now, but I'm planning on hashing my entries into a subdir for the year. That'll limit it to 365 entries per directory (give or take a leap year :)), allowing ext3 to serve my needs for years to come.

    A good flat file system lets you reuse the VFS of Linux for smarter caching, and it's easy to NFS or SMB mount it via any machine on my private network. This also means that for someone to compromise my setup and mess with my changelog, they'd also have unrestricted access (pretty much) to my local network, meaning I'd have a whole lot more to worry about than losing my journal entries.

    --
    --
    Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
  17. What the hell...it's only karma... by Cutriss · · Score: 5, Insightful

    Mark me as troll if you want. I don't give a shit.

    90% of the posts in this thread are all "Holier Than Thou"-type Slashdot posts from fellow geeks that obviously feel some sort of insecurity about their own lives and are thus insulting those that use weblogs.

    I don't use a weblog to achieve an inflated sense of importance or to boost my ego. I use it to keep track of what my friends and I are doing. A year from now, we'll have all graduated college, and it's nice to be able to keep tabs on everyone's day-to-day events...and to continue to do so even when we've gone our separate ways.

    Just because you *think* the Internet is full of 12-year-old girlie bloggers discussing the drab details of their lives doesn't mean it's the truth. And even if it was, who appointed you "critic of all those lowly masses"? Get a life of your own, man...

    --
    "Mod, mod, mod...and another troll bites the dust."
  18. blogger back up by ntk · · Score: 5, Informative
    Blogger's status page was just updated (1150am-ish PST) to say this:

    We have found the cause of the vulnerability and have patched it. Everything is back restored and back online with the exception of the API server and bSTATS.

  19. Re:Meanwhile.... by oldstrat · · Score: 5, Funny

    /.
    That's cruel and completely not true.
    The 4 of us handled it completely without anger and substituted by sending each other text messages on our cell phones.